oauth2client.contrib.gce module¶
Utilities for Google Compute Engine
Utilities for making it easier to use OAuth 2.0 on Google Compute Engine.
-
class
oauth2client.contrib.gce.
AppAssertionCredentials
(email=None, *args, **kwargs)[source]¶ Bases:
oauth2client.client.AssertionCredentials
Credentials object for Compute Engine Assertion Grants
This object will allow a Compute Engine instance to identify itself to Google and other OAuth 2.0 servers that can verify assertions. It can be used for the purpose of accessing data stored under an account assigned to the Compute Engine instance itself.
This credential does not require a flow to instantiate because it represents a two legged flow, and therefore has all of the required information to generate and refresh its own access tokens.
Note that
service_account_email
andscopes
will both return None until the credentials have been refreshed. To check whether credentials have previously been refreshed useinvalid
.-
create_scoped_required
()[source]¶ Whether this Credentials object is scopeless.
create_scoped(scopes) method needs to be called in order to create a Credentials object for API calls.
-
classmethod
from_json
(json_data)[source]¶ Instantiate a Credentials object from a JSON description of it.
The JSON should have been produced by calling .to_json() on the object.
Parameters: json_data – string or bytes, JSON to deserialize. Returns: An instance of a Credentials subclass.
-
retrieve_scopes
(http)[source]¶ Retrieves the canonical list of scopes for this access token.
Overrides client.Credentials.retrieve_scopes. Fetches scopes info from the metadata server.
Parameters: http – httplib2.Http, an http object to be used to make the refresh request. Returns: A set of strings containing the canonical list of scopes.
-
serialization_data
¶
-
sign_blob
(blob)[source]¶ Cryptographically sign a blob (of bytes).
This method is provided to support a common interface, but the actual key used for a Google Compute Engine service account is not available, so it can’t be used to sign content.
Parameters: blob – bytes, Message to be signed. Raises: NotImplementedError, always.
-